iptables, audit.log & Brute force detection

On my server I have iptables setup so ssh (on port 22) only allows connections from a limited set of IP's (tested such that when I comment out my IP I can't connect). However, I notice in audit.log thousands of messages like: